Periodic Reporting for period 1 - ROOT (Rolling Out OSNMA for the secure synchronization of Telecom networks.)
Reporting period: 2020-11-01 to 2022-07-31
ROOT stands for Rolling Out OSNMA for the secure synchronization of Telecom networks and aimed to experimentally demonstrate the benefits introduced by some emerging technologies, which increase the robustness of current synchronization networks. The project raised awareness of the problem of intentional Radio Frequency Interference (RFI) and cyber-attacks against GNSS timing receivers. It developed and demonstrated resilient networks synchronization through the combination of complementary solutions. From a general point of view, the project focused on four different technical aspects:
- the first concerned the use of modern multi-frequency, multi-constellations GNSS receivers, able to mitigate intentional jamming and spoofing attacks with embedded signal processing countermeasures.
- the second dealt with the decoding of authenticated GNSS data, namely the Open Service Navigation Message Authentication (OSNMA) protocol, now transmitted on the Galileo E1 band. In this context, it is worth recalling that ROOT overlapped with the Public Observation Phase of the Galileo OSNMA.
- the third was the implementation of autonomous switching mechanisms between different GNSS timing sources of the network, with the intent to detect and isolate anomalies due to interference or cyber-attacks (or simply due to poor performance of failures) carried out against specific network nodes. This aspect was supported by new versions of the Precision Time Protocol (PTP), namely the White Rabbit – PTP.
- the fourth referred to the protection of the software running on the network synchronization devices, slaved to GNSS receivers. This was a key aspect that helped to understand the need to protect GNSS receivers and Position, Navigation, and Timing (PNT) data not only from RF attacks but also at the interfaces toward the other systems/devices.
ROOT demonstrated it is possible to reduce the vulnerabilities of current synchronization networks dependent upon GNSS. The effort resulted in the development of a new “close-to-market” network synchronization device, which embeds a new professional GNSS receiver enabled to process live OSNMA signals. The technical and scientific work was complemented by a thorough analysis of potential markets of the developed solution. This served to identify added values and a sustainable market entry strategy, which also considered domains aside telecom, such as power grids and systems for time-tagging financial transactions.
From the Mid Term Review, the team was involved in WP3 which involved the preparation and execution of experimental tests, as well as the critical review of the results. Here, the COVID-19 pandemic has had a significant impact. Therefore, the project timetable has been completely re-evaluated, taking into account new developments and constraints deriving from the state of emergency. It is worth remembering that even the dissemination and communication activities (WP5) planned through the participation of people in workshops and conferences had to be canceled or replaced with online events. This helped change the dissemination strategy and constitutes one of the lessons learned from the project. With the 3-month extension of the project agreed and granted by the EC, the Consortium was able to recover the delays and successfully carry out the second batch of tests in Madrid. The actual duration of the project was therefore 21 months, instead of the original 18: the extension allowed the achievement of most of the original objectives, as reported in D6.2 “Recommendations for the follow up of the project”.
In the last phase, from the Review of the Experimental Evidence to the Final Review, the project focused on the critical review of the results. This phase served to evaluate actual results against the original goals, assess deviations and derive recommendations. Overall, it can be concluded that the project has demonstrated novel GNSS-based network synchronization devices that are resilient to intentional GNSS interference and cyber attacks. Processing new authenticated signals, such as OSNMA, is an added value for timing applications. GNSS authentication increases the complexity of successful spoofing attacks, which in turn become less likely. The project demonstrated that it is crucial to protect the GNSS receiver as a whole, not only from RF interference, but also from cyber attacks against its software. The technical results were integrated with market-related analyzes. A solid business plan and sustainable market entry strategy were defined to introduce the ROOT solution to the market at the end of the project.
Following an experimental approach, the project demonstrated new strategies for secure network synchronization, which combine GNSS signal authentication, interference monitoring algorithms, autonomous switching between timing sources, remote attestation of software to protect from cyber-attacks. The project introduced resilient architectures for long-distance accurate time distribution, lightening dependence to satellite signals. The project had the ambition to show the use of new authenticated Galileo signal for the operations of telecommunication networks and, in general, for critical infrastructures. In fact, the experimental phase of the ROOT project overlapped with the Galileo OSNMA public testing phase and some of the tests were carried out processing live signals.
The results of the project partially close a gap in the security of telecommunication networks dependent on satellite-derived time, with indirect benefits in curbing illegal attempts to disrupt the network services.